Closed oguzy closed 11 years ago
Let's first check the returned response from historical data:
curl -k -b cookies.txt "https://mnemosyne.honeycloud.net:8282/api/v1/sessions?honeypot=dionaea"
Create the cookies.txt with the credentials I supplied before. The returned response will be session info that is a list of entries like the one below:
{u'_id': u'516355bc09ce452887896a85', u'attachments': [{u'description': u'Binary extraction', u'hashes': {u'md5': u'87136c488903474630369e232704fa4d', u'sha512': u'4be047b651cbbc590aa07e80aed8cb6c1cffe4d023cc800e7d64b51591efb4d2c7d9fd394630dae45f2b834b67d08f3b116f577a9a5fc2bf7d001ad190be1fed'}}], u'destination_ip': [u'103.15.183.4'], u'destination_port': 445, u'honeypot': u'dionaea', u'hpfeed_id': u'5160db6009ce4508dfe3940d', u'protocol': u'microsoft-ds', u'source_ip': u'186.55.21.135', u'source_port': 1766, u'timestamp': u'2013-04-07T02:35:12.944000'}
We have source_ip that can be used for geographic detection. Let's create data with the same format, but for specific country(ies) with random data. Better to save the produced data in the database. This will be an independent process.
No need to generate random data. Hpfeeds bindings completed.
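Added example, not part of the original issue or the project's code: bucketing session entries of the format shown above by `source_ip`, with malformed, missing and non-routable addresses kept visible instead of silently dropped. The prefix table, the `XA` code and all sample entries after the first are constructed assumptions standing in for a real GeoIP database and real feed data.

```python
import ipaddress
from collections import Counter

# Constructed stand-in for a GeoIP database (assumption). "XA" is an ISO 3166
# user-assigned code, not the real location of this prefix.
PREFIX_TABLE = [(ipaddress.ip_network("186.55.0.0/16"), "XA")]

# Constructed sample. The first entry copies fields from the record in the
# issue; the rest are invented to exercise the edge cases.
SAMPLE_SESSIONS = [
    {"honeypot": "dionaea", "protocol": "microsoft-ds", "destination_port": 445,
     "source_ip": "186.55.21.135", "source_port": 1766},
    {"honeypot": "dionaea", "source_ip": "186.55.200.9"},
    {"honeypot": "dionaea", "source_ip": "103.15.183.4"},   # no table entry
    {"honeypot": "dionaea", "source_ip": "10.0.0.5"},       # RFC 1918
    {"honeypot": "dionaea", "source_ip": "not-an-ip"},      # malformed
    {"honeypot": "dionaea"},                                # field missing
]


def country_for(ip_text):
    """Map one source_ip value to a code, or to a reason it cannot be mapped."""
    if not isinstance(ip_text, str):
        return "invalid"
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return "invalid"
    if not ip.is_global:
        # Private, loopback, link-local or reserved: geolocation is meaningless.
        return "non-routable"
    for network, code in PREFIX_TABLE:
        if ip in network:
            return code
    return "unknown"


def count_by_country(sessions):
    """Tally sessions per country code, keeping unmappable ones visible."""
    return Counter(country_for(s.get("source_ip")) for s in sessions)


if __name__ == "__main__":
    for code, hits in count_by_country(SAMPLE_SESSIONS).most_common():
        print(code, hits)
```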